Posted
by
timothy
on Monday August 02, 2010 @07:11AM
from the sounds-like-a-movie-script dept.

phantomfive writes "The company everyone loves to hate is after your private information, as the Wall Street Journal reports. The IE8 design team had planned on adding the best privacy features available, but the advertising executives wanted to track users. From the story: 'In the end, the product planners lost a key part of the debate. The winners: executives who argued that giving automatic privacy to consumers would make it tougher for Microsoft to profit from selling online ads. Microsoft built its browser so that users must deliberately turn on privacy settings every time they start up the software.'"

Microsoft built its browser so that users must deliberately turn on privacy settings every time they start up the software.

And how exactly is this different than what Chrome or Firefox does? Last time I checked, you had to actively enable the privacy feature for each session in all browsers...

You must've been using a trunk build of Firefox last time you checked, then, because Firefox has always had "Never remember history" or "Permanent Private Browsing mode" so that your browser fell into private mode automatically on boot. Where is this option on Internet Explorer? Please tell me, cause I can't find it.

So does that delete cookies, temporary files, search and form history and download history like Firefox does? Because then it's not even comparable.

Go to 'Tools'->'Internet Options' and click the 'Delete' button or else go to 'Tools'->'Delete Browsing History'. Under there you can select what you want Internet Explorer to clear (temporary files, history, cookies, form data, etc). Then you can go 'Tools'->'Internet Options' and set the 'Delete Browsing History on Exit' and it will delete the items y

There are ways to make all of them launch in private by adding a extra flag in Windows program dialog. For FireFox and IE it's "-private". For Chrome it's "-incognito". FireFox allows you the option to start in private browsing mode automatically by changing a setting in browser. This is easier for non-advanced users.

They aren't talking about the InPrivate Browsing mode. IE8 has built-in adblocking, based on content that is present in many pages from the same (external) domain. This blocks tracking cookies and images/applets from advertising companies. You can also choose to manually block content.

However, this feature - called InPrivate Filtering - is disabled by default each time you run IE. You can enable it by clicking the icon in the lower right, on the status bar, immediately next to the magnifier. There's also ap

Can you elaborate?
Ever since they introduced privacy settings in IE6, the first step I take on a new Windows installation is to set privacy to 'advanced', i.e. disable 3rd party cookies and only allow
first party/session cookies. And these settings have always stayed put. I can't find any other privacy settings in IE8, so what are you talking about?

When was Microsoft profiting from selling online ads? Maybe I just missed it, but I thought that they actually had real products and weren't just some spooty ad company trying to ingratiate themselves on the world with free swag? Actually, they hardly seem to have ingratiated themselves with anyone for any reason.

I wouldn't be surprised if the real reason is they're afraid that it would be seen as an anti-competitive move against Google, which is basically just a spooty ad company trying to ingratiate its

When was Microsoft profiting from selling online ads? Maybe I just missed it,

Bing is the #3 search engine. Microsoft owns Bing. Microsoft is a stable company with little prospects for growth (need proof? they've started paying dividends on their stock shares). Online search advertising is a growth market.

I'm not sure if I can reliably convey an answer to you in less than four sentences, but there's my shot. Maybe someone can do it in three?

I wouldn't be surprised if the real reason is they're afraid that it would be seen as an anti-competitive move against Google, which is basically just a spooty ad company trying to ingratiate itself on the world with free swag

"Swag" is actually an acronym for "Stolen With A Gun". Somehow in modern useage it's morphed to mean "free stuff, no gun needed."

Arr, ye pirates be pissed that yer swag be without risk.

I think MS is shooting themselves in the foot here. Re-enable privacy settings for every session?

Hmm... I just googled, and my comment came up first. The only references I can find is reddit (not a good citation at all), a comment from an AV club, and Sole Proprieter Magazine [solepropri...gazine.com].

SP: Can you tell us exactly what the origin of the word "swag" is?

SWAG: Good question. One story is that back in the pioneer days, when wagon trains were held up by bandits, the loot they got was "stolen with a gun". Others take it to mean "stuff we all get" which we like since that is what Swagtime is about.

soon, real soon. I think they see the decline of Microsoft themselves and are desperately casting around for ways to make money. They will be the next DEC if they can;t get some growth going soon, and they know no-one wants to buy Windows 8, not if they're still (happily) running XP, and not buying Office 2010 or any of the other cash-cows they have come to rely on to get them out of the black holes their other development projects quickly turn into.

If even internally at Microsoft they are talking about making the most private browser in the market, why isn't the FOSS browser? Oh yeah, that's because they are mainly funded by an advertising company!

The top 3 browsers are uncomfortably close to advertisers, and the maker of the 4th is also starting to integrate advertising mechanisms directly into its products.

Firefox severely needs forking, and tightening up, as web users don't really have much of a choi

IE8 fails for me for one simple reason, that stupid button to remove an entry from the address bar. The number of times I've clicked on the drop down button, moved the cursor down to the line I want and clicked, only for it to remove the entry rather than navigating to it. Why they couldn't they have put that icon on the left side instead is beyond me.

Granted I only use IE8 for testing our in-house software but it's still a hair pulling experience.

Conversely a behaviour I hate in Firefox is when you 'miss' an url in the auto complete dropdown. Rather than either doing nothing or closing the dropdown (both reasonable behaviours), it has a habbit of trying to take you to the half typed url (eg. 'www.slashdot.c' )which is utterly useless and irritating.

Oh fuck me, that annoys the shit out of me. And IE annoys me because its cookie management is a pain. And Opera annoys me because sometimes I click a mouse button and it tries to search the web for whatever I happen to have on my clipboard (one day, that will be a problem).
If I could get the bits I want from all the different browsers and mash them together into a new one, I'd be happy.

While we're griping, what about Chrome's utter inability to do anything useful with.rss files? Yes, Chrome, we get it: you don't do RSS. How about passing it to the OS's default RSS reader, instead of filling the screen with gibberish? Or hell, just do nothing. The behavior now is worse than useless.

When you get started on that mash-up browser, lemme know, I got ideas.

Those few browser users who actually care about their privacy have already taken steps to safeguard it, at least to some degree that they are comfortable with. MS releasing yet another version of IE that makes it easy for them or others to violate that privacy is not news. It's just business as usual.

MSFT has designed yet another piece of software you'd have to be a complete idiot to use.

I tend to agree but, like you, I'm the kind of person that reads Slashdot and downloads lots of different browsers for my own reasons. I know that 99% of web users are not like me (or you) and I'm fairly certain they don't care about this issue. If that's the case then I don't see a big problem here. Folks will voluntarily use IE8 amidst a sea of browser choice.

The Internet Explorer planners proposed a feature that would block any third-party content that turned up on more than 10 visited websites, figuring that anything so pervasive was likely to be a tracking tool. This, they believed, was a more comprehensive approach to privacy than simply turning off browser cookies, one that would thwart other tracking methods.

In the meantime, Google for Ghostery, which blocks tracking tools using a blacklist. I've had it disabled actually because I figured adblock + a hosts file would do enough for me. But in honor of this article I will re-enable it.

On the downside, this would probably kill projects like Google hosting common JavaScript libraries so sites can reference them and decrease page loads as users cache them elsewhere - in fact it would be worse than having no caching at all, it would strip the JavaScript out completely after the 10th site (unless they came up with a system of whitelisting such projects, which would carry management overheads, or ignoring certain files, in which case ad providers would just make their files look like the exceptions, etc).

in fact it would be worse than having no caching at all, it would strip the JavaScript out completely after the 10th site

As a user of noscript for years now, I don't think that's going to be an improvement in many cases. I've found that a majority of websites are already much better without javascript - much less visual noise and load times are fantastic and in many cases whatever functionality is lost isn't even missed. So anything that encourages less reliance on javascript is a good thing.

Then again, that presents the "NoScript" problem. While techies generally tend to use noscript, I pretty much see non-techies clicking "Temporarily allow all this page" on every page they visit that "doesn't work right" without even looking at the URL lists. So, a prompt to whitelist content would probably just get the same treatment. Better than status quo I suppose, but not a panacea either.

Here at Microsoft we half ass our software on purpose. It's a feature... for us.. you, not so much.

Seriously I could shake down every customer that walked through my door to buy a item by forcing them to disclose all their private info. That would work great until the shop next to me offers a better product and is just happy to do business with people.

They are currently king of the jungle and everyone knows it. The problem is, their kingdom is weakening and predictions are saying that Microsoft is the new (whatever previous king...IBM, Novell, whatever). A large part of the cause of this is Microsoft's lacking of good will. Microsoft is falling out of favor with its users. It's a growing problem for them and it's time they started trying to rebuild it.

Setting their browser to block ads by default would not hurt their cash cows (MS Office and MS Windows) but would certainly hurt their ad revenue... and other people's ad revenue as well... others like Google.

Now that I think about it, if they did use their browser to block ads, they might find themselves target of more anti-trust litigation.

I know people pushed for buying their products at some point in time, but I attribute that to their monopoly position and the relative ease of integration between their products (or the lack thereof between their and a competitor's product) more than any real goodwill. There have been, and still are, fanatics, but I can't imagine they were ever the norm.

As for the antitrust element, it wouldn't be difficult to incorporate privacy features that required the users to man

Now that I think about it, if they did use their browser to block ads, they might find themselves target of more anti-trust litigation.

That won't happen. It happened before because Microsoft hadn't learned to donate to politicians, and politicians realized they could attack Microsoft with little repercussion. Now Microsoft does a good job donating to everyone, so the politicians will leave them alone unless they do something really bad. Sad, but that's how the world is right now.

A retrospective positive spin on how MS is about trashing your privacy in the interests of generating revenue, as it always was.

In early 2008, Microsoft Corp.'s product planners for the Internet Explorer 8.0 browser intended to give users a simple, effective way to avoid being tracked online. They wanted to design the software to automatically thwart common tracking tools, unless a user deliberately switched to settings affording less privacy. That triggered heated debate inside Microsoft..

heh, i remember those days, i used to use both browsers, when one crashed i switched to the other. I got about equal usage. sure it may have had better support for html 4 etc but back then that was basically irrelevant, what you really wanted was a browser you could use for more than 20 minutes.

Where are these hidden privacy settings, all I see is a `Pop-up Blocker', a `Phishing Filter' `and Manage-Addons'

Check under the shield icon on the main toolbar or use ALT to show the menu bar and look under 'Tools'. There's should be an options for 'InPrivate Filtering' and 'InPrivate Browsing'. InPrivate Browsing will start a private browsing session which will not be saved. The main complaint is that you have to manually select it every time you open IE (or create a shortcut for 'iexplore.exe -private').

Ads are one of the places where we clearly see the rise of corporatism. Cyberpunk was right in the general direction, that corporations would become more important and then more powerful than governments, but wrong in how it would manifest. There will be no corporate wars (they're not profitable). The enemy of a corporation is not another corporation - it's the consumer. Wolves kill rabbits a lot more often than they kill other wolves. Amongst your peers, threats and displays of power work a lot better to establish hierarchy and territory than actual battle does. It's the prey that you hunt and kill, not your competitors.

We will be seeing a lot more like this. Consumer rights are being erroded all around the world, while corporate rights are being strengthened.

And I don't even consider myself a leftist - for you americans, if you read your actual history you'll find that several of the founding fathers wanted to outlaw corporations entirely, and the original compromise was to grant them temporary existence. Funny how the conservatives should be up in arms a lot more than the leftists are.

And I don't even consider myself a leftist - for you americans, if you read your actual history you'll find that several of the founding fathers wanted to outlaw corporations entirely, and the original compromise was to grant them temporary existence. Funny how the conservatives should be up in arms a lot more than the leftists are.

We Americans give a lot of lip service to our Founding Fathers, but we ignore many of their teachings. The thing about corporations is a big one; the FF were very suspicious of

I am wary of Google Chrome for the same reason.. Google, even more so than MS make money from advertising online.Firefox too derives much revenue indirectly from advertising, through their google sponsorship...

At least the source code for these browsers is available, giving users the opportunity to check the code over and provide third party builds with better privacy features, something you can't do with IE.

There's always Opera if you want a closed source browser, since they aren't an ad broker.

That's why I use chromium instead. All the advantage - with code I can check myself. And many do.

I can tell you that I was involved with discussions on the FSF's free-distro collaboration group about chromium and we identified a number of potential privacy gotcha's - we submitted the list to the chromium developers and all of them were fixed.

They were really very cooperative with us about resolving our privacy concerns.

Seriously, is anyone on/. using IE anyway? Firefox with adblock and noscript is all you need. As long as MS doesn't go all Apple and try to stop me from installing an alternate brower, who really gives a shit?

Sure it screws over those who use IE. But those who use IE have been getting screwed over for a long time. So what's new?

Seriously, is anyone on/. using IE anyway? Firefox with adblock and noscript is all you need. As long as MS doesn't go all Apple and try to stop me from installing an alternate brower, who really gives a shit?

It's still useful to see the stories, if for no other reason than to have more helpful info to present to friends/clients when giving them reasons to give up using IE.

It's understandable that some would like alternative an alternative to Safari on the iPad/iPhone/iPod touch, but they're certainly is n

I think Microsoft should do much more to screw over IE users, and they should be blatant about it. After all, they have everything to gain, and little to lose. Almost no one will actually switch away from IE (who hasn't already done so). Even if articles abound that IE gives away all their private information and browsing history, people will continue to use it because they're stupid.

I don't really care about their motives or what they did. Hell, I avoid their software because of what they've done in the past, they have at least 10 years of spotless behaviour ahead of them before they ever even get back to the "Well, I'll consider them" phase.

More importantly, is the "targetted" advertising and tracking information that they can gather really that worthwhile? What's the stats on un-targetted versus targetted advertising in any medium - online, TV, radio? Obviously, it's not a good idea to target condom advertising in between Teletubbies episodes but does the reverse really have a much-worse response rate than normal? Where is the value in collecting that massive amount of data? Google has oodles and oodles and oodles of advert targeting data if it wants to use it - but almost all Google Adwords I see aren't related to me at all and when you want to show your ads, it's more common to let you choose keywords, target demographics or just let things happen pretty much randomly and in the cheapest spots than it is to target your football-related ads on football sites.

What targetted data could possibly have been used to show me those ads? The word Linux (in the sitename, I'm actually browsing from Windows in work and typed in the URL directly!), and my GeoIP (or, at least, my employer's GeoIP for their main proxy server). What's worth spending BILLIONS on infrastructure and data collection to put ads on a high-traffic Linux website that display to a London, UK user related to : London, UK and Linux.

So, actually, with Google's "Targetted Ad's", we end up with 3 ad's that aren't at all related to scouting (the other has various links to it) - only one of which is linked to the GeoIP, most of the Scouting links were actually for US Scouting which is vastly different, and the two remaining tenuous links are pretty-much random fillers. Considering that sites earns it's entire hosting budget + a couple of camps for the kids every year from just the Google Ad's alone, that's pretty damning of ad-targeting technology.

Seriously, what does collecting ad-targetting data in this manner get you that you couldn't from a quick keyword analysis and Geo IP lookup?

And again, where does this require long-term mass tracking of websites you've visited, recording of that information in cookies, or sale/use of that information (i.e. anything that a "privacy blocker" would erase from a website I visit after I close the window?). For Gmail, all they have to do is: scan the email that they received and store on my behalf, which I am NOW asking them to display on the screen in front of me, for keywords, then display ads based on those keywords. Nowhere do they need to keep

You have missed the point. Google, by vacuuming up every possible bit of data they can collect, now has a vast treasure trove of information that can be sold. They can reduce this information down by demographics and have an extremely marketable database that is continually evolving.

Companies pay millions for simple cash register scanning data, so you can imagine what a database that says people in suburban Wilkes-Barre PA are more interested in X than Y now. If you have a company that makes X it means c

The dumbest thing here is the "use Firefox" tag. Firefox actually ships out-of-the-box in the exact same configuration (cookie-wise) that IE8 does. (Possibly because of the Google association, possibly because Firefox devs are sane and realize that cookies aren't the Biblical Mark of the Beast or whatever the hell privacy advocates think they are.)

So basically, you're saying:* Don't use IE8, it requires tweaking a setting to turn on privacy options.* Use Firefox, which requires tweaking a setting to turn on

You can modify the shortcut for IE or Chrome to start in private/incognito mode all the time (no need to set it on each program startup). Problem is, 99% of the planet wouldn't know/understand how to do this and this is the issue, if geeks can avoid tracking with ad blocking and incognito mode and whatnot, the average browser user can't. If IE really wanted to distance themselves from other browsers, they would have made privacy an opt-out feature, instead an opt-in.

Except there are reasons that the average person would not want to have privacy/incognito mode enabled by default, since it blocks cookies, history, saved credentials and several other things that people use every day.

Or because the average user is running around the Internet looking for instant gratification and simply won't learn about security.

But what if that's changing?

We can bitch and moan about how worthless Facebook is but these privacy debacles seem to finally be waking people up to the real issues at stake. Thankfully to raise this issue it took just a few sensitive pictures of some fools to get out after they posted them to the world instead of a totally invasive all knowing nexus of everyone's everything. Seems like the past 20 or so years it's slowly been getting worse and worse on the internet. And now WSJ has this huge "expose" called What They Know [wsj.com] with an intuitive display of what's affecting you [wsj.com] without your knowledge. And that indicates that WSJ thinks people want to hear about this and that it will sell eyeballs. I say it's about damned time. I hope it doesn't stop here with Microsoft or even stop at browsers. It should continue from websites all the way back to The Patriot Act. Hopefully the spirit of privacy from government and corporations has merely been sleeping in Americans and not completely dead/relinquished. Unfortunately they say it's always much harder to win back liberties lost than to give them up.

uh, people will start debating logically (which probably won't happen in our lifetime), before they start realizing privacy issues are a big deal.

Slowly a small amount of people wisen up to everything each year aka start using logic, but I wouldn't call it a consistent majority or even heading near it.

Honestly, until windows loses it's majority (reality is like 60-70% of the world is on windows and 30% is on linux, while every internet user does something that involves both every single day), people are not

Or because the average user is running around the Internet looking for instant gratification and simply won't learn about security.

Right, because it is ABSOLUTELY CRITICAL that my Slashdot account not get hacked...

I like websites remembering my settings, thank you. And I like the "awesome bar" in Firefox. So they can go ahead and track me and try to get me to click on things. I hope they are also tracking my use of AdBlock.

That's just ignorant... take for example, on one website, I put that I was 'male' interested in 'females', BUT what I didn't know was that I was being SPIED ON and this information was being made available to selecting which adverts were being displayed, so when they show me 'dating' adverts, they show me pics of cute girls instead of guys!!! OMG!! Invasion of my privacy or WHAT?!! I've never felt so violated!! *violently throws up for two whole minutes* now excuse me while I go sit in the shower, sobbing a

I had a similar problem, meant to select the dropdown below it and somehow set "interested in men" instead of leaving it blank. I didn't have the option to un-set it, the only option was "interested in women". It didn't actually change anything, I was still seeing gay dating ads for a few weeks until I mailed support. They "fixed the glitch" in some way. Bottom line, now I get dating ads that I'll never click on because they are so obviously bogus, instead of relevant ads for stuff that I might click on

History and saved credentials should not be a problem privacy-wise. That are exactly the details a browser should never give to the web site you are browsing. This info is kept on your own computer, and save browser bugs stay there.

Cookies are another matter: they are designed to do just that, give info to the web site you visit. Third-party cookies are a problem imho, cookies from the web site you are visiting not so much. Actually I like it when a web site that I visit often keeps track of my preferences

A bit. It shows a lack of political awareness from the IE team. They could easily have got the features in if they'd pointed out to management that 'giving automatic privacy to consumers would make it tougher for Microsoft to profit from selling online ads' also means 'giving automatic privacy to consumers would make it tougher for Google to profit from selling online ads.'

I don't know about that. Ballmer, in response to questions about the iPad, said that Apple was selling more than he'd like them to. Now what kind of perverted Business School Product thinks like that...probably all of them. Presumably if Apple wasn't selling any, he'd be uninterested in the segment. This goes a long way in explaining what is wrong about MS.

Wrong analogy. More iPads sold now means fewer Win7 tablets sold later and a harder time for MS to catch up to Apple - Ballmer's position is perfectly sensible. This is different from being opposed to something that helps both iPads and Win7 tablets, which would be irrational.

The Journal's examination of the top 50 most popular U.S. websites showed that Microsoft placed third-party tracking devices on 27 of the top 46 sites that it doesn't itself own.

It's about tracking your movements/interests, harvesting that data and then using that data to advertise to you better... which usually means handing it off to those advertisers to better target you. And they're not the only ones:

Many also have big stakes in online advertising. Microsoft bought aQuantive, a Web-ad firm, in 2007 for more than $6 billion, to build a business selling ads online. Google, already a giant in online marketing, in September 2008 launched a Web browser, Chrome, that gives it new insight into Internet users' habits. Apple has launched an ad network, iAds, for its iPhone and iPad. And Adobe last year paid $1.8 billion to buy Omniture, which measures the effectiveness of online ads.

WGA/WPA isn't going to get a hold of this kind of data. That's a sort of digital rights management for validating Windows, not tracking users with cookies and making bank off of it. They profit when they sell you Windows (with IE8) and they'll profit when you use IE8 on the internet.

You've hit the proverbial nail on the head. Valuing revenue over customers only works for a finite number of annual financial reports. More mature companies, even other evil ones, know that a retained customer is one of the best sources of revenue and especially of profit.

Then consider the fact that Microsoft is currently run by a Marketing Moron, Steve Ballmer. This is how companies die.

Except that MS is doing just fine financially, last time I checked. They're not growing as fast as they used to, but they're not exactly on life support either.

When most of a company's customers are blithering idiots, a Marketing Moron can still run the company quite successfully by screwing over the customers and profiting from it. The customers are so dumb they keep coming back for more.